Jeff is right. Make sure also that your user account that you use when binding the ports has proper permissions to do so.
On Oct 28, 10:16 am, Jeff <dv...@diphi.com> wrote: > Note this line in your startup log: > [27/Oct/2010:17:23:55][13466.3061930912][-nsopenssl:driver-] Notice: > nsopenssl: listening on 64.58.34.55:8443 > > Your ssl server is running fine athttps://www.getreadytoshift.com:8443/ > > Somewhere in your config is a setting like > set httpsport 8443 > > Change that to > set httpsport 443 > > and you should be good to go. Alternately, you could set up port > forwarding, but since you're already running on port 80 there's no real > need. > > -J > > > > Thorpe Mayes wrote: > > I am trying to set up an ssl connection. I am using aolserver 4.5.0. > > > Here is the portion of the nsd file that pertains: > > > # SSL contexts. Each SSL context is a template that SSL connections are > > created > > > # from. A single SSL context may be used by multiple drivers, sockservers > > and > > > # sockclients. > > > ns_section ns/server/${servername}/module/nsopenssl/sslcontexts > > ns_param users "SSL context used for regular user access" > > ### ns_param client "SSL context used for outgoing script socket > > connections" > > > # We explicitly tell the server which SSL contexts to use as defaults when > > an > > > # SSL context is not specified for a particular client or server SSL > > > # connection. Driver connections do not use defaults; they must be > > explicitly > > > # specificied in the driver section. The Tcl API will use the defaults as > > there > > > # is currently no provision to specify which SSL context to use for a > > > # particular connection via an ns_openssl Tcl command. > > > ns_section ns/server/${servername}/module/nsopenssl/defaults > > ns_param server users > > > ns_section ns/server/${servername}/module/nsopenssl/sslcontext/users > > ns_param Role server > > ns_param ModuleDir ${homedir}/servers/${servername}/modules/nsopenssl; # > > ${serverroot}/etc/certs/ > > > ns_param CertFile cert.pem > > ns_param KeyFile key.pem > > ns_param CADir ca > > ns_param CAFile ca.pem > > ns_param Protocols "SSLv2, SSLv3, TLSv1" > > ns_param CipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP" > > ns_param PeerVerify false > > ns_param PeerVerifyDepth 3 > > ns_param Trace false > > > # SSL drivers. Each driver defines a port to listen on and an explitictly > > named > > > # SSL context to associate with it. Note that you can now have multiple > > driver > > > # connections within a single virtual server, which can be tied to different > > > # SSL contexts. Isn't that cool? > > > ns_section ns/server/${servername}/module/nsopenssl/ssldrivers > > ns_param users "Driver for regular user access" > > > ns_section ns/server/${servername}/module/nsopenssl/ssldriver/users > > ns_param sslcontext users > > ns_param port $httpsport > > ns_param hostname $hostname > > ns_param address $address > > > # OpenSSL library support: > > > #ns_param RandomFile /some/file > > > ns_param SeedBytes 1024 > > > ================ > > > Here is the result when I restart the server: > > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsmain: > > AOLserver/4.5.0 starting > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsmain: security > > info: uid=xxx, euid=xxx, gid=xxx, egid=xxx > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsmain: max files: > > FD_SETSIZE = 1024, rl_cur = 1024, rl_max = 1024 > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: encoding: loaded: > > utf-8 > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: fastpath[server8]: > > mapped GET / > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: fastpath[server8]: > > mapped HEAD / > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: fastpath[server8]: > > mapped POST / > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]: > > mapped GET /*.adp > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]: > > mapped HEAD /*.adp > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]: > > mapped POST /*.adp > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]: > > mapped GET /*.html > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]: > > mapped HEAD /*.html > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]: > > mapped POST /*.html > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading > > '/usr/local/aolserver/bin/nssock.so' > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading > > '/usr/local/aolserver/bin/nslog.so' > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nslog: opened > > '/usr/local/aolserver/servers/server8/access.log' > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading > > '/usr/local/aolserver/bin/nsperm.so' > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading > > '/usr/local/aolserver/bin/nsxml.so' > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsxml module > > starting > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading > > '/usr/local/aolserver/bin/nsdb.so' > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading > > '/usr/local/aolserver/bin/nspostgres.so' > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: PostgreSQL loaded. > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading > > '/usr/local/aolserver/bin/libphp5.so' > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: Registering PHP for > > "*.php" > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading > > '/usr/local/aolserver/bin/nsopenssl.so' > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl: > > generating 512-bit temporary RSA key ... > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl: > > generating 1024-bit temporary RSA key ... > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl > > (server8): loading SSL context 'users' > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl > > (server8): 'users' ciphers loaded successfully > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl > > (server8): 'users' using SSLv2 protocol > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl > > (server8): 'users' using SSLv3 protocol > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl > > (server8): 'users' using TLSv1 protocol > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl > > (server8): 'users' certificate and key loaded successfully > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl > > (server8): 'users' CA file loaded successfully > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: users (nsopenssl): > > session cache is turned on for sslcontext 'server8' > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl > > (server8): default SSL context for server is users > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: default server SSL > > context: users > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl > > (server8): loading 'users' SSL driver > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: conf: > > [ns/server/server8]enabletclpages = 1 > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: tcl: enabling .tcl > > pages > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsmain: > > AOLserver/4.5.0 running > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsmain: security > > info: uid=xxx, euid=xxx, gid=xxx, egid=xxx > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: driver: starting: > > nsopenssl > > [27/Oct/2010:17:23:55][13466.3072859040][-sched-] Notice: sched: starting > > [27/Oct/2010:17:23:55][13466.3061930912][-nsopenssl:driver-] Notice: > > starting > > [27/Oct/2010:17:23:55][13466.3061930912][-nsopenssl:driver-] Notice: > > nsopenssl: listening on 64.58.34.55:8443 > > [27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: driver: starting: > > nssock > > [27/Oct/2010:17:23:55][13466.3060874144][-nssock:driver-] Notice: starting > > [27/Oct/2010:17:23:55][13466.3060874144][-nssock:driver-] Notice: nssock: > > listening on 64.58.34.55:80 > > > ============= > > > looks like everything loaded > > > However, when I try to go to a page on the server using https, I get an > > error (Unable to connect - Firefox can't establish a connection to the > > server atwww.getreadytoshift.com) > > > I copied the text from the .crs files I got from godaddy.com for the > > cert.pem and the ca.pem files. > > > Any help will be appreciated. > > > -- > > AOLserver -http://www.aolserver.com/ > > > To Remove yourself from this list, simply send an email > > to<lists...@listserv.aol.com> with the > > body of "SIGNOFF AOLSERVER" in the email message. You can leave the > > Subject: field of your email blank. > > -- > AOLserver -http://www.aolserver.com/ > > To Remove yourself from this list, simply send an email to > <lists...@listserv.aol.com> with the > body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: > field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <lists...@listserv.aol.com> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
